Channels

Services

Buffer overflow in Blue Coat's WinProxy

A specially prepared HTTP CONNECT query can cause a buffer overflow in Blue Coat's WinProxy. According to a security advisory published by service provider iDefense, the proxy then crashes, possibly allowing attackers to inject code .

iDefense does not, however, provide any details about the hole, merely adding that versions 6.1a and 6.0r1c are affected. Blue Coat has already released a corrected version (6.1r1c) for downloading. Users of the software should either upgrade to the current version or disable the HTTP proxy.